How to convert letters to lower case in Bash
How to convert letters to lower case in Bash
echo "THIS IS MY DATA" | tr '[:upper:]' '[:lower:]'
UPPERCASE using bash
# y="this Is A test"
# echo "${y^^}"
THIS IS A TEST
lowercase using bash
# x="THIS IS a TeSt"
# echo "${x,,}"
this is …
Linux – FirewallD and nftables
Just some notes about FirewallD and nftables.
firewall-cmd --zone public --add-rich-rule 'rule service name="ssh" accept limit value="1/m"'
firewall-cmd --zone=trusted --add-source=-your-own-IP-here-
firewall-cmd --runtime-to-permanent
vi /etc/firewalld/policies/dns.xml
<?xml version="1.0" encoding="utf-8"?>
<policy target="CONTINUE">
  <service name="dns"/>
  <rule>
    <service name="dns"/>
    <accept>
      <limit value="5000/m"/>
    </accept>
  </rule>
  <ingress-zone name="ANY"/>
  <egress-zone name="HOST"/>
</policy>
firewall-cmd --reload
firewall-cmd --info-policy=dns
dns (active)
  priority: -1
  target: CONTINUE
  ingress-zones: …
Fortigate DOS Protection
It is a good idea to do basic DoS protection, even internally.
Configuring DoS policy
This will configure a basic DoS policy for traffic with default values and block violations for 2 minutes.
config firewall DoS-policy
    edit 1
        set name "ALL DoS-Policy"
        set …
Fortigate – IPSec Troubleshooting – VPN Analyse
Force VPN Tunnels to the CPU
First you need to force the encrypted traffic over the CPU. It is somewhat counter-intuitive, but we need to take care that the IPSec session is not offloaded into hardware. This is basically the opposite of what is described in Ensuring IPSec traffic is offloaded for …
Bind9 – Caching only DNS Server with Logging
Sometimes there is the need to have a forwarding-only name server.
named.conf
controls {
    inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; };
};
key "rndc-key" {
    algorithm "hmac-md5";
    secret "somesecret-for-rndc";
};
options {
    directory "/etc/named.d";
    listen-on { 127.0.0.1; };
    max-cache-ttl 600;
    max-ncache-ttl 300;
    forward only;
    forwarders { <IP of SERVER1>; …
DNS with systemd-resolved
For certain environments like Docker / Kubernetes hosts I find it useful to have a permanent query log in place. At the time of writing, query logging with systemd-resolved can only be achieved with debug enabled. Personally I do not like to run a daemon needlessly in debug mode. With Bind9 it is easy to have a …
DNS Firewall or Bind9 Response Policy Zones (RPZ)
After using Pi-hole for a while at home, I felt that I wanted to bring things back to my already running Bind9 name servers. Please do not misunderstand me, Pi-hole is really a great solution. Bind has the option to build a DNS firewall. Build a …
Bind9 – Named
This is just a collection of some information to remember about named setup. It is not comprehensive and just suits my needs.
Configuration
Bind9 - Caching Nameserver
https://www.digitalocean.com/community/tutorials/how-to-configure-bind-as-a-caching-or-forwarding-dns-server-on-ubuntu-14-04
Bind9 - Logging
Based on https://kb.isc.org/docs/aa-01526
print-time yes;
print-category yes;
print-severity yes;
Logging Configuration
mkdir -p /var/named/log
chown named:named /var/named/log …
AWS IP Address Ranges
We had the need to find AWS IP addresses for a certain service and regions, and use them to route traffic over Amazon's Direct Connect. Luckily Amazon publishes the IP ranges in JSON format.
AWS IP Ranges Syntax: syncToken, prefixes, ipv6_prefixes, ip_prefix, ipv6_prefix, network_border_group, region, service
…
Curl – Request and Response Times
I had again the need to measure proxy performance, so here are a few notes on this topic.
Time to First Byte Using Curl
Jon Fox published a post on how to find the time to first byte (TTFB) with curl.
curl -w "Connect time: %{time_connect} Time to first byte: %{time_starttransfer} Total time: %{time_total} \n" -o /dev/null [url to …
Fortigate Useful Commands
This is my personal catalog of typical troubleshooting commands I employ when dealing with FortiGate firewalls. In contrast to Cisco, where 'show' is the universal command, Fortinet offers a range of options, including 'show', 'get', 'diagnose' and 'execute', for retrieving pertinent information.
Important to remember
It is 'get router info routing-table' to see the routing …
